@ls_tech said in I bypassed my jobs security restrictions...:

Funny thing i accually tried to use the situation to send to the IT department and see if they could get me a job over, turns out only SUP can talk with IT departments and the emails i tried to send off too are old. i was excited to use it in a positive way. Yeah ill just learn at the job and not take a risk of termination by telling/

From what you said elsewhere, IT may be all offshore which would imply that, unless you want to take a paycut and move to the Pacific Ocean, there's no IT option for you. When a company of any size outsourcings and/or offshores a department, that will normally cut off any path you have at joining that department from the US, at least not as a very senior resource.

We face a similar problem. We aren't in Asia, but are in LATAM. If you were working for me in the US, and this chain of events unfolded, and IT was your dream, and we were impressed with your work.... you'd still face a "so, you want to move to LATAM?" question before you could consider a position on our IT team.

Sadly, it's most likely, if this is how your company is, that it likely doesn't present a path into IT for you in you are in the US. But that's okay, it's a great job for studying IT and learning and getting ready for that IT job somewhere else.

Also, I highly recommend less time on the A+. Read the book, learn the material, but do it quickly and skip the exam. Go right to the Network+. Any job that cares about the A+ isn't a real or good IT job and will just hold you back long term. A+ is an exam for bench, not IT. Loads of crappy IT shops expect it, but is a crappy shop what you want? Probably not. Go for the IT exam instead and move directly into an IT job. Slightly harder to get your foot in the first door, but a much faster ladder to climb.

@gjacobse said in (Air Gapped) Data Storage and security:

Can you (how do you) Air gap and secure data and still be able to make it available to a (end user)

Once the user can get to it, it's not air gapped any longer.

A proper DMZ is still a valid concept, but was never that big of a deal. There are almost no resources that make sense to put there. If you have those resources, then sure. But who does? The advent of cloud computing, cheaper colocation, better IT knowledge, etc. has led most shops to not try to make "internal/external" shared resources where one side is public and the other uses LAN security; and what little of that remains in need is generally addressed with VLANs in a slightly different way.

@irj said in Network Vulnerability Scan with REporting:

@obsolesce said in Network Vulnerability Scan with REporting:

What does everything OpenVAS does, and giving you the same info such as fixes/resolutions, but is faster for larger environments?

Yeah, but OpenVas is a resource pig, and the reporting isnt very good when you are reporting against thousands of systems, and you need to break them up into smaller groups. Also it isnt ideal for enterprise as permissions are a nightmare when you only want certain people to see certain assets.

It is actually much more expensive for a large company to try to use OpenVas

I'm not using it for thousands of systems at once, and permissions are not an issue. At most a scan is against a hundred or two devices at once. Maybe that's why I haven't noticed any slow or clunkyness.

But for in the future, I am curious of what to use that compares to OpenVAS, but is better with speed and permissions?

Like I said, it was a couple years ago. Make sure to go through their documentation well.

@jaredbusch - I thought that is what you meant but did a double-take. LOL

I just had this issue with 2 users. Both were using the Grandstream Wave app softphone. Then they tried to register using the Bria app. Worked instantly. Strange behavior